[squid-users] Empty ACL technical risks
Никита Серёгин
nick.srg at yandex.ru
Tue Jun 11 11:36:22 UTC 2019
Hi All,
If there is an empty acl in squid.conf, squid gives us warning message during restart/reconfigure.
We wonder if these warnings are just notifications for administrator, or there are some really technical risks.
Like here for example: https://bugs.launchpad.net/ubuntu/+source/squid-deb-proxy/+bug/1659567
Amos Jeffries wrote: "The check is a generic validity check used for all ACLs. Whether it is 'harmless' depends on future events at the time of checking. So just silencing or ignoring would leave a lot of nasty misconfigurations quietly accepted"
Could these "nasty misconfigurations" be made only by administrator, or is it about squid possible wrong behavior?
Are there any strong technical reasons to avoid using of empty ACLs in production environment?
And are there any news about explicit flag to indicate whether an ACL is allowed to be empty or not?
Thank you.
Nikita Seregin
More information about the squid-users
mailing list